Detours Library fix for Microsoft Application Virtualization

About this hotfix

This hotfix fixes vulnerabilities in the Detours Library that's used by Microsoft Application Virtualization (App-V). The affected versions are the following:

App-V 5.1

App-V 5.0 Service Pack 3 (SP3)

App-V 4.6 SP3

App-V 4.5 SP2

An information disclosure vulnerability exists in the way that App-V handles objects in memory. This could cause an Address Space Layout Randomization (ASLR) bypass.

An attacker who successfully exploits the information disclosure vulnerability could use the obtained information to bypass the ASLR security mechanism in Windows. This mechanism helps protect users from a broad range of vulnerabilities. The ASLR bypass by itself does not allow arbitrary code execution. However, an attacker could use the ASLR bypass together with another vulnerability, such as a remote code execution vulnerability, that could use the ASLR bypass to run arbitrary code.

To exploit the ASLR bypass, an attacker would have to log on to an affected system and run a specially crafted application. Workstations are primarily vulnerable to the potential ASLR bypass.

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that's described in this article. Apply this hotfix only to systems that are experiencing this specific problem.

If the hotfix is available for download, there's a "Hotfix Download Available" section at the top of this Knowledge Base article. If this section doesn't appear, submit a request to Microsoft Customer Service and Support to get the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that don't qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft website:

Note The "Hotfix Download Available" form displays the languages for which the hotfix is available. If you don't see your language, it's because a hotfix isn't available for that language.

Note The downloadable file for App-V 5.1 and App-V 5.0 SP3 has the form <Hotfix ID>_intl_i386_zip.exe and contains installers for both x86-based and x64-based architectures. For App-V 4.6 SP3, separate installers for x86 and x64 are provided. For App-V 4.5 SP2, the x86 installer is provided. See the names for the downloaded files under the File information section.

Prerequisites

To apply this hotfix for the specific version of App-V, you must have that release version of App-V installed. For example, to apply the hotfix for App-V 5.1, you must have the release version of App-V 5.1 installed or a subsequent App-V 5.1 servicing release installed.

Registry information

To apply this hotfix, you don't have to make any changes to the registry.

Restart requirement

You must restart the computer after you apply this hotfix.

Replacement information

This hotfix doesn't replace a previously released hotfix.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

493072_intl_i386_zip.exe

File name

Build version

File size

Date

Time

Platform

Appv4.5sp2-rds-kb3172672-x86.msp

4.5.3.20161

2,256,896

4-Jul-16

11:28

x86

Appv4.5sp2-wd-kb3172672-x86.msp

4.5.3.20161

2,256,896

4-Jul-16

11:47

x86

493672_intl_i386_zip.exe

File name

Build version

File size

Date

Time

Platform

Appv4.6sp3-rds-kb3172672-x86.msp

4.6.3.26260

8,773,632

21-Sep-16

11:27

x86

Appv4.6sp3-wd-kb3172672-x86.msp

4.6.3.26260

8,773,632

21-Sep-16

11:27

x86

493673_intl_x64_zip.exe

File name

Build version

File size

Date

Time

Platform

Appv4.6sp3-rds-kb3172672-x64n.msp

4.6.3.26260

9,474,048

21-Sep-16

11:27

x64

Appv4.6sp3-wd-kb3172672-x64n.msp

4.6.3.26260

9,474,048

21-Sep-16

11:27

x64

493054_intl_i386_zip.exe

File name

Build version

File size

Date

Time

Platform

Appv5.0sp3_client_kb3172672.exe

5.0.10345.0

76,717,976

23-Jun-16

11:53

x86 & x64

Appv5.0sp3_rds_kb3172672.exe

5.0.10345.0

76,716,624

23-Jun-16

11:53

x86 & x64

493052_intl_i386_zip.exe

File name

File version

File size

Date

Time

Platform

Appv5.1rtm_client_kb3172672.exe

5.1.108.0

41,005,592

13-Jul-16

4:26

x86 & x64

Appv5.1rtm_rds_kb3172672.exe

5.1.108.0

41,005,192

13-Jul-16

4:26

x86 & x64

Status

Microsoft has confirmed that this is an update in the Microsoft products that are listed in the "Applies to" section.

References

Learn about the terminology that Microsoft uses to describe software updates.